AWS : Infrastructure Deployment

Topics

  • Key concepts
  • CloudFormation

Key concepts

  • CloudFormation
  • Automation: The use of software to create repeatable instructions and processes to replace or reduce human interaction with IT systems
  • Cloud Governance: The people, process, and technology associated with your cloud infrastructure, security, and operations. It involves a framework with a set of policies and standard practices
  • Infrastructure as Code: The process of managing and provisioning computer resources through human and machine-readable definition files, rather than physical hardware configuration or interactive configuration tools like the AWS console
  • IT Audit: The examination and evaluation of an organization’s information technology infrastructure, policies and operations

CloudFormation

  • CloudFormation is a AWS service for create infrastructure as code.
  • it’s a yaml file

How to start with CloudFormation

  1. Services -> CloudFormation
  2. Create stack “With new resources (standard)”
  3. Template is ready
  4. Upload a template file
  5. Click “Choose file” button
  6. Select provided YAML file
  7. Next
CloudFormation Template sections
  • Format version
  • Decsription
  • Parameters
  • Resources
  • Outputs

Each AWS Account has its own AWS Identity & Access Management (IAM) Service.

If you know Azure
On Microsoft Azure, we have a Subscription. The AWS Account can be equivalent to the Azure Subscription. With a difference. Each AWS Account can have its own IAM Users but in Azure, we have a central IAM Service, called Azure Active Directory (AAD).
Each above-called service is a huge topic but we don’t do a deep dive right now.

The AWS IAM User can be used

  • Only for CLI purposes. This user can’t log in to the AWS Portal.
  • Only for working with the AWS Portal. This user can’t be used for CLI.
  • Both purposes. This user can be used to log in to the AWS Portal and CLI.

Pipeline User

The first question is why do we need a Pipeline User?

  • Automated deployment (CI/CD) pipeline and prevent manual or per-click deployment.
  • We can only grant the pipeline user for some specific permissions and audit the logs of this user.

This user can work with AWS Services only via CLI. Therefore it has an Access Key ID and a Key Secret.

If you know Azure
It’s used like a Service Principal, that you have a client-id and client-secret.

IAM User

Description and video come soon

Resources


You owe your dreams your courage.

Koleka Putuma


Published by parisamoosavinezhad

- Software Engineer - Software Architect - Software and database specialist - Cloud solution architect

One thought on “AWS : Infrastructure Deployment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: